UnitedHealth Data Breach

UnitedHealth website logo on computer

Overview

The 2024 cyberattack on UnitedHealth compromised the personal and health information of over 190 million people, marking one of the most significant data breaches in U.S. history. This project examines the systems failures that enabled the breach, the ongoing risks tied to the exposed data, and what it reveals about the vulnerabilities in healthcare infrastructure, corporate accountability, and public sector preparedness. Students within the Sanford School of Public Policy collaborate with Bob Sullivan—an award-winning journalist and author known for his work on cybercrime and victim advocacy—to investigate the far-reaching implications of the breach. Their findings are featured in Debugger, a four-part podcast series hosted by Sullivan that explores the many dimensions of the crisis.

Listen to the Introduction

The Debugger Podcast with Bob Sullivan: UnitedHealth hack series

Bob Sullivan is an award-winning journalist and author, widely recognized for his work on cybercrime and victim advocacy. His podcast series, Debugger, explores the intricacies of cybercrimes, data breaches, and the impact of modern cybersecurity failures. Below are links to his four-part series on the UnitedHealth Data Breach:

Debugger Podcast Cover

Episode 1: Timeline of a health data disaster

In the first episode, Bob dives deep into the massive cyberattack on UnitedHealth, which exposed the personal and health information of millions. He examines how the breach occurred and the far-reaching implications for healthcare security.

Listen to Episode 1

Episode 2: What Makes This Different from Other High-Profile Hacks?

In the second episode, Bob delves into the magnitude of this breach, with a focus on why and how it stands above so many other cyberattacks, both in size and impact. He takes a detailed look at the unique vulnerabilities that were exploited in this attack.

Listen to Episode 2

Episode 3: Who Did It and What Do We Know About What Is Happening to the Stolen Data?

In this third episode, Bob delves into the identity and motivations of the malicious actors behind the breach. He examines their strategies, the methods they employed to infiltrate UnitedHealth’s systems, and the broader implications of such cybercrime.

Listen to Episode 3

Episode 4: What Are the Legal Consequences? Lawsuits? Government Action? What Now?

In the final episode, Bob examines the legal fallout from the data. He explores the lawsuits filed by affected individuals and organizations, government responses, and broader implications for cybersecurity laws.

Listen to Episode 4